GitHub pr decoration and check

Hi, we are using the SonarQube 8.3 developer ed. trial version to evaluate it use it in our CI environment using Jenkins. We are currently struggling to get the PR decoration / check to work in GitHub.

The actual comment on the PR is working and we can se that happening but the actual check does not as we expect. We have one warning that we can see in the UI shows a link to the PR and it works but also a warning:

" Pull request decoration did not happen. Commit ‘:commit_hash’ not found in pull request ‘:pr_number’"

We can see that the commit is there for the PR so we not sure about this warning.

We have followed the instructions for PR decoration in the documentation for 8.3 version and setup a GitHub app and that also seems to work since we see that the actual comment on the PR is there. But the actual check is not.

The scanner version we are using is 2.8.
Gradle version 5.6

We also setup the ALM in SonarQube as far as we can tell correctly and the logs does indicate that the integration is working half way at least.

Any suggestions on how to resolve this would be much appreciated.
Let me know if you need more information.



Hi again,
This issue is still active and any help to get it resolved would be very appreciated.

I can add that we see a /comments request in the logs to github occur and the PR decorated with the comment but we see no request POST /repos/:owner/:repo/check-runs as we expect in the logs.

There is the warning about git commit not existing in the PR but following number of threads in this forum and tried a number of ways to resolve this warning we have so far had no luck.

Thanks for any help


Hi, welcome to the community. This error often appears when the CI job is not fetching enough history (like a git shallow clone --depth 0), or when the CI job is working on a merge/rebase result, instead of the branch head. This is worth double-checking.

To be sure, you can add a git log command before in your CI job before the scanner runs, like :
git log --pretty=oneline -n10
and investigate from there.

Hope that helps

Hi Pierre, thanks for getting back to me.

I have tried to remove any 'middle-man’s CI (we use Jenkins) and just run scanning locally to make it easier to investigate the problem, where I have checked out the branch that I have made the PR for. The scan reports to my locale SonarQube instance and is integrated with GitHub ALM.

So the steps I have taken to understand the issue

  • Run git clone --no depth
  • Run git checkout for the branch the PR was made for
  • Run gradle SonarQube with the necessary parameters
    The scan completes and the local SQ reports the comment on the PR for the SHA (no checks-run)

I have also tried the SHA against GitHub api directly with ‘postman’ and successfully created the check with the api.

Is there any steps or procedure that I miss or misunderstand? Is there any other circumstances the actual check does not run

Thanks for any further help in this matter.


Screenshot 2020-05-20 at 15.57.40 Screenshot 2020-05-20 at 15.58.24

Here is the thing: you want to do a full clone, not a shallow one. So try with a regular git clone on the branch.

Sorry you missunderstood, I meant I do -no depth parameter i.e only git clone sorry for not being clear

I made manual request to the GitHub api using the /check-runs api and the pull request list does contain the PR with the same SHA that SQ says is not found. (

How many commits do you have in the P/R? I just found this bug that could be related:

Yes this was the issue, I had 100+ commits, thanks for your help, much appriciated!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.